Facebook Message virus returns as summer 2017 draws to a close

The return of Facebook Message virus: stay away from shortened video links sent by your friends!

Summer is coming to an end, which means that malware developers are heading back to work. In fact, some of them do not even wait for the end of the warm season – recently, researchers from 2-Spyware analyzed new Facebook Message virus variant that infects Facebook accounts to send messages to all of their friends.

The malicious messages contain a link to a video and a line “[name of the recipient] Video,” suggesting the victim to watch a short clip. The concept of the virus is very similar to Facebook Video virus, which also attempts to trick people into opening a fake video link.

Clearly, criminals use social engineering technique to make the victim curious about the link. Once the victim clicks on something that looks like a shortened URL (usually bit.ly) of a video, the virus redirects him/her to a Google Doc page.

The document contains an automatically generated image using target’s photo from Facebook and a play button on it.

Once clicked, a chain of redirections occurs. Each of the websites that victim’s browser connects to collects certain information about the victim, such as:

Default computer’s language;

Geolocation of the device;

Browser information;

Installed add-ons and cookies;

Operating system type and version;

Browser type and version.

Based on computer’s operating system and used browser type, the malware triggers a redirect to a phishing website that suggests installing either a malicious Flash Player update, Chrome or Firefox extension.

If the victim agrees to install the suggested software, his/her account gets compromised. Consequently, it might starts automatically sending messages to all friends, spreading the malicious link further. Cyber security experts say that technical analysis of the virus is required to determine an exact method used for distribution of this virus.

The purpose of the new Facebook Messenger virus

The newly discovered Facebook virus spreads rapidly; however, cyber security experts from Kaspersky claim that the installed virus belongs to adware category and doesn’t download any malicious programs to the system. However, this virus can be updated at any time.

If you received a similar message via Messenger, better do not click on it! Although the malware gets into the system once the victim agrees to do so, there are viruses that are capable of infiltrating the system using security vulnerabilities.

Therefore, if you do not want to become a victim of a much more critical virus’ attack, better keep the distance from suspicious links you receive via Facebook.

If you accidentally clicked on the malicious link, immediately scan your computer with anti-malware to remove Facebook Message virus from the system.